yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1386932] Re: context.elevated: copy.copy causes admin role leak

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Matt Riedemann <mriedem@xxxxxxxxxx>
Date: Tue, 22 Mar 2016 17:52:25 -0000
Reply-to: Bug 1386932 <1386932@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Also affects: nova/liberty
   Importance: Undecided
       Status: New

** Changed in: nova/liberty
       Status: New => Fix Committed

** Changed in: nova/liberty
   Importance: Undecided => High

** Changed in: nova/liberty
     Assignee: (unassigned) => Matt Riedemann (mriedem)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1386932

Title:
  context.elevated: copy.copy causes admin role leak

Status in Cinder:
  Fix Released
Status in Manila:
  Fix Released
Status in neutron:
  Fix Released
Status in neutron juno series:
  Fix Released
Status in OpenStack Compute (nova):
  Fix Released
Status in OpenStack Compute (nova) liberty series:
  Fix Committed
Status in OpenStack Security Advisory:
  Won't Fix

Bug description:
  In neutron/context.py,

  ```
          context = copy.copy(self)
          context.is_admin = True

          if 'admin' not in [x.lower() for x in context.roles]:
              context.roles.append('admin')
  ```

  copy.copy should be replaced by copy.deepcopy such that the list
  reference is not shared between objects. From my cursory search on
  github this also affects cinder, gantt, nova, neutron, and manila.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1386932/+subscriptions